ClientHello.pm 6.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258
  1. # Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
  2. #
  3. # Licensed under the OpenSSL license (the "License"). You may not use
  4. # this file except in compliance with the License. You can obtain a copy
  5. # in the file LICENSE in the source distribution or at
  6. # https://www.openssl.org/source/license.html
  7. use strict;
  8. package TLSProxy::ClientHello;
  9. use vars '@ISA';
  10. push @ISA, 'TLSProxy::Message';
  11. sub new
  12. {
  13. my $class = shift;
  14. my ($server,
  15. $data,
  16. $records,
  17. $startoffset,
  18. $message_frag_lens) = @_;
  19. my $self = $class->SUPER::new(
  20. $server,
  21. 1,
  22. $data,
  23. $records,
  24. $startoffset,
  25. $message_frag_lens);
  26. $self->{client_version} = 0;
  27. $self->{random} = [];
  28. $self->{session_id_len} = 0;
  29. $self->{session} = "";
  30. $self->{ciphersuite_len} = 0;
  31. $self->{ciphersuites} = [];
  32. $self->{comp_meth_len} = 0;
  33. $self->{comp_meths} = [];
  34. $self->{extensions_len} = 0;
  35. $self->{extension_data} = "";
  36. return $self;
  37. }
  38. sub parse
  39. {
  40. my $self = shift;
  41. my $ptr = 2;
  42. my ($client_version) = unpack('n', $self->data);
  43. my $random = substr($self->data, $ptr, 32);
  44. $ptr += 32;
  45. my $session_id_len = unpack('C', substr($self->data, $ptr));
  46. $ptr++;
  47. my $session = substr($self->data, $ptr, $session_id_len);
  48. $ptr += $session_id_len;
  49. my $ciphersuite_len = unpack('n', substr($self->data, $ptr));
  50. $ptr += 2;
  51. my @ciphersuites = unpack('n*', substr($self->data, $ptr,
  52. $ciphersuite_len));
  53. $ptr += $ciphersuite_len;
  54. my $comp_meth_len = unpack('C', substr($self->data, $ptr));
  55. $ptr++;
  56. my @comp_meths = unpack('C*', substr($self->data, $ptr, $comp_meth_len));
  57. $ptr += $comp_meth_len;
  58. my $extensions_len = unpack('n', substr($self->data, $ptr));
  59. $ptr += 2;
  60. #For now we just deal with this as a block of data. In the future we will
  61. #want to parse this
  62. my $extension_data = substr($self->data, $ptr);
  63. if (length($extension_data) != $extensions_len) {
  64. die "Invalid extension length\n";
  65. }
  66. my %extensions = ();
  67. while (length($extension_data) >= 4) {
  68. my ($type, $size) = unpack("nn", $extension_data);
  69. my $extdata = substr($extension_data, 4, $size);
  70. $extension_data = substr($extension_data, 4 + $size);
  71. $extensions{$type} = $extdata;
  72. }
  73. $self->client_version($client_version);
  74. $self->random($random);
  75. $self->session_id_len($session_id_len);
  76. $self->session($session);
  77. $self->ciphersuite_len($ciphersuite_len);
  78. $self->ciphersuites(\@ciphersuites);
  79. $self->comp_meth_len($comp_meth_len);
  80. $self->comp_meths(\@comp_meths);
  81. $self->extensions_len($extensions_len);
  82. $self->extension_data(\%extensions);
  83. $self->process_extensions();
  84. print " Client Version:".$client_version."\n";
  85. print " Session ID Len:".$session_id_len."\n";
  86. print " Ciphersuite len:".$ciphersuite_len."\n";
  87. print " Compression Method Len:".$comp_meth_len."\n";
  88. print " Extensions Len:".$extensions_len."\n";
  89. }
  90. #Perform any actions necessary based on the extensions we've seen
  91. sub process_extensions
  92. {
  93. my $self = shift;
  94. my %extensions = %{$self->extension_data};
  95. #Clear any state from a previous run
  96. TLSProxy::Record->etm(0);
  97. if (exists $extensions{TLSProxy::Message::EXT_ENCRYPT_THEN_MAC}) {
  98. TLSProxy::Record->etm(1);
  99. }
  100. }
  101. sub extension_contents
  102. {
  103. my $self = shift;
  104. my $key = shift;
  105. my $extension = "";
  106. my $extdata = ${$self->extension_data}{$key};
  107. $extension .= pack("n", $key);
  108. $extension .= pack("n", length($extdata));
  109. $extension .= $extdata;
  110. return $extension;
  111. }
  112. #Reconstruct the on-the-wire message data following changes
  113. sub set_message_contents
  114. {
  115. my $self = shift;
  116. my $data;
  117. my $extensions = "";
  118. $data = pack('n', $self->client_version);
  119. $data .= $self->random;
  120. $data .= pack('C', $self->session_id_len);
  121. $data .= $self->session;
  122. $data .= pack('n', $self->ciphersuite_len);
  123. $data .= pack("n*", @{$self->ciphersuites});
  124. $data .= pack('C', $self->comp_meth_len);
  125. $data .= pack("C*", @{$self->comp_meths});
  126. foreach my $key (keys %{$self->extension_data}) {
  127. next if ($key == TLSProxy::Message::EXT_PSK);
  128. $extensions .= $self->extension_contents($key);
  129. #Add extension twice if we are duplicating that extension
  130. $extensions .= $self->extension_contents($key) if ($key == $self->dupext);
  131. }
  132. #PSK extension always goes last...
  133. if (defined ${$self->extension_data}{TLSProxy::Message::EXT_PSK}) {
  134. $extensions .= $self->extension_contents(TLSProxy::Message::EXT_PSK);
  135. }
  136. #unless we have EXT_FORCE_LAST
  137. if (defined ${$self->extension_data}{TLSProxy::Message::EXT_FORCE_LAST}) {
  138. $extensions .= $self->extension_contents(TLSProxy::Message::EXT_FORCE_LAST);
  139. }
  140. $data .= pack('n', length($extensions));
  141. $data .= $extensions;
  142. $self->data($data);
  143. }
  144. #Read/write accessors
  145. sub client_version
  146. {
  147. my $self = shift;
  148. if (@_) {
  149. $self->{client_version} = shift;
  150. }
  151. return $self->{client_version};
  152. }
  153. sub random
  154. {
  155. my $self = shift;
  156. if (@_) {
  157. $self->{random} = shift;
  158. }
  159. return $self->{random};
  160. }
  161. sub session_id_len
  162. {
  163. my $self = shift;
  164. if (@_) {
  165. $self->{session_id_len} = shift;
  166. }
  167. return $self->{session_id_len};
  168. }
  169. sub session
  170. {
  171. my $self = shift;
  172. if (@_) {
  173. $self->{session} = shift;
  174. }
  175. return $self->{session};
  176. }
  177. sub ciphersuite_len
  178. {
  179. my $self = shift;
  180. if (@_) {
  181. $self->{ciphersuite_len} = shift;
  182. }
  183. return $self->{ciphersuite_len};
  184. }
  185. sub ciphersuites
  186. {
  187. my $self = shift;
  188. if (@_) {
  189. $self->{ciphersuites} = shift;
  190. }
  191. return $self->{ciphersuites};
  192. }
  193. sub comp_meth_len
  194. {
  195. my $self = shift;
  196. if (@_) {
  197. $self->{comp_meth_len} = shift;
  198. }
  199. return $self->{comp_meth_len};
  200. }
  201. sub comp_meths
  202. {
  203. my $self = shift;
  204. if (@_) {
  205. $self->{comp_meths} = shift;
  206. }
  207. return $self->{comp_meths};
  208. }
  209. sub extensions_len
  210. {
  211. my $self = shift;
  212. if (@_) {
  213. $self->{extensions_len} = shift;
  214. }
  215. return $self->{extensions_len};
  216. }
  217. sub extension_data
  218. {
  219. my $self = shift;
  220. if (@_) {
  221. $self->{extension_data} = shift;
  222. }
  223. return $self->{extension_data};
  224. }
  225. sub set_extension
  226. {
  227. my ($self, $ext_type, $ext_data) = @_;
  228. $self->{extension_data}{$ext_type} = $ext_data;
  229. }
  230. sub delete_extension
  231. {
  232. my ($self, $ext_type) = @_;
  233. delete $self->{extension_data}{$ext_type};
  234. }
  235. 1;